stMind

about Arsenal, Arsene Wenger, Tech, Computer vision and Machine learning

WBS APIのドキュメントを読む Oauth Guide編

Withings Oauth Guide

WBS APIOauth認証についてのドキュメント。WBS APIはOauth 1.0。

Application Registration

  • 事前登録必要
  • ここではパートナーアプリを「Consumer」, ユーザを「User」, Withingsを「Service Provider」と呼ぶ
  • OAuth Consumer KeyとOAuth Consumer Secretを取得

Getting Permanet Access

  • アクセスするために、ConsumerはService Providerから3つのitemを取得しなければならない
How to get this permanent access ?
(リクエスト例)
https://oauth.withings.com/account/request_token?
oauth_callback=http%3A%2F%2Fexample.com%2Fget_access_token
&oauth_consumer_key=c331c571585e7c518c78656f41582e96fc1c2b926cf77648223dd76424b52b
&oauth_nonce=f71972b1fa93b8935ccaf34ee02d7657
&oauth_signature=J8xzgFtHTsSRw8Ejc8UDV2jls34%3D
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1311778988
&oauth_version=1.0
(レスポンス例)
oauth_token=5bb105d2292ff43ec9c0f633fee9033045ed4643e9871b80ce586dc1bf945
&oauth_token_secret=6fede21e94eb2b562101146dcfb16422865bdbeb42cc378dd147d6827ee065e
  • Authorize this token
    • UserをWithingsのhttps://oauth.withings.com/account/authorizeにリダイレクト
    • Consumer tokenとRequest token、URLエンコードしたCallback urlをつけてConsumer Secretとrequest token secretで署名
    • Userは適切なユーザ(1アカウントに複数ユーザの場合があるので)を選び、Allowボタンを押すとリクエストで指定されたcallback urlにリダイレクト
    • request tokenとuseridが返る
(リクエスト例)
https://oauth.withings.com/account/authorize?
oauth_callback=http%3A%2F%2Fexample.com%2Fget_access_token
&oauth_consumer_key=c331c571585e7c518c78656f41582e96fc1c2b926cf77648223dd76424b52b
&oauth_nonce=369f9ceb2f285ac637c9a7e9e98019bd
&oauth_signature=OR9J9iEl%2F2yGOXP2wk5c2%2BWtYvU%3D
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1311778988
&oauth_token=5bb105d2292ff43ec9c0f633fee9033045ed4643e9871b80ce586dc1bf945
&oauth_version=1.0
(レスポンス例)
oauth_token=5bb105d2292ff43ec9c0f633fee9033045ed4643e9871b80ce586dc1bf945
&userid=831
(リクエスト例)
https://oauth.withings.com/account/access_token?
oauth_consumer_key=c331c571585e7c518c78656f41582e96fc1c2b926cf77648223dd76424b52b
&oauth_nonce=7acd22371fc56fd8a0aaf8416f79f84f
&oauth_signature=jmj1g%2FB3rYR2DCpWp86jB5YVHIM%3D
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1311778988
&oauth_token=5bb105d2292ff43ec9c0f633fee9033045ed4643e9871b80ce586dc1bf945
&oauth_version=1.0
&userid=831
(レスポンス例)
oauth_token=887557411788d5120537c6550fbf2df68921f8dd6f8c7e7f9b441941eb10
&oauth_token_secret=dde442265db3f86cc5df34dc1d162395c2d4e77efcbbdd6c059d793ff17d

Requesting Protect Data

http://wbsapi.withings.net/measure?
action=getmeas
&oauth_consumer_key=c331c571585e7c518c78656f41582e96fc1c2b926cf77648223dd76424b52b
&oauth_nonce=accbac1b7ee2b86b828e6dc4a5a539b2
&oauth_signature=XfobZMboIg2cRyNKAvyzONHHnKM%3D
&oauth_signature_method=HMAC-SHA1
&oauth_timestamp=1311842514
&oauth_token=887557411788d5120537c6550fbf2df68921f8dd6f8c7e7f9b441941eb10
&oauth_version=1.0
&userid=831

※修正: http://wbsapi.withings.com/cgi-bin/http://wbsapi.withings.net/